CloudSmartz has an exciting opportunity for an IT Security Architect in our Rochester, NY office, with remote locations possible with some travel to Rochester. This position requires an innovative and creative problem solver who is willing to “jump in with both feet” and has the ability to handle multiple priorities in a fast-paced, global service environment. The individual must possess a balance of extremely strong technical security skills but have a good ability to propose and explain security strategy and security design needs for software, network and service developers, as well as IT operations.
The IT Security Architect is responsible for the overall security architecture of systems, network and operations. The focus is on assuring proper security is implemented, tested and monitored both in development and operations of services across an array of systems, networks and locations.
The IT Security Architect will set security standards, governance and ensure compliance with business and customer service requirement needs.
The IT Security Architect will set direction and structure of Security Operations required for the overall IT, software and hardware service and will interface with third party security leaders representing other integrated service components.
This is a very visible role that will combine technical expertise, design/service leadership, teamwork with other architect expertise and disciplines, and alignment with program management on deliveries.
- Develop, drive and manage security architecture, standards and processes in alignment with industry expectations and best practices aligned to, and supportive of business needs, product and service offerings
- Contract requirements management, new services business and third-party contracts governance
- Responsible for the development and presentation of the overall IT security architecture and methods to assure security of implementations during software and integration development between systems, components, internal and potential Cloud-Offering Solutions.
- Technical security compliance review management and signoff
- Understanding the details and business impact of overall services architectures, designs and operations being developed as well as technology changes that might occur during the development and operational test and readiness processes
- Vendor contract participation including review, updates and signoff
- Lead security area responsibility and collaborate with other technical service component architects to understand the implications of respective architectures on elements that maximize the value of information across the complete service design and assurance that it is secure
- Facilitates and directs security of the core technology underpinnings that constitute the overall services architecture which is comprised of integrated systems, network and operations globally
- Drives in-depth assessment of technologies to validate that the security aspects are appropriate for the overall service solution needs and communicates assessment to rest of the team
- Responsible of creating and or managing risk assessment of IT implementations, systems, network and or risk mitigation program of such once operational service structures are in place
- Alignment of Security architecture and security operations roadmap to Program Management Plan
- Maintains engagement with software and network development teams to assure security architecture adhered to during development phases – signoff on major releases
- Maintains engagement with test teams to assure security requirements are being tested and met
- Responsible for evaluation and assessment of change requests to during development and test stages assuring security standards are being met and maintained in any software, system, network, or operations redesigns. Responsible to update security architecture on any agreed to modifications that alter prior security architecture/design
- Be the Subject Matter Expert (SME) and go-to for all Security questions
- Act as visionary and strategist for security needs of the overall service solutions and IT Operations for the service
- Create and communicate cases for build vs buy and insource vs outsource decisions
- Collaborative brainstorming and selling of ideas to Senior Leadership team
- Collaboratively participate in presenting and substantiating designs, pros and cons, budgets and timelines
- Audits security operations practices of IT operations team
- Demonstrating excellent oral, verbal, written, and presentation skills for effective communication between business organization, partners and customer corporate client(s)
- Stay up to date on trends and developments within the security area of expertise
Ideal candidate must be self-motivated with a proven track record in security practices of IT Operations, Cloud technologies, Systems and Software Development and comfortable in the dynamic atmosphere of a technical organization with a rapidly expanding customer base. Candidate must be organized and analytical, adept at working in a team environment, able to design and implement a project schedule, and able to handle multiple priorities. Additional preferred qualifications are:
- B.S. degree in Computer Science, Software Engineering, Network Engineering, MIS or equivalent preferred
- 10+ years of IT Security work experience
- 5+ years of leadership role in security
- 3+ years in software and/or network services and/or cloud services
- 2+ certifications: CISSP, CISA, CRISC, CISM, CCSP, GSEC, CompTIA Security+, CEH, GIAC
- Strong experience with IT Operations, IT System Development, IT Network and SDLC Lifecycle
- Strong creative, analytical and problem-solving skills
- Extensive experience working with software development and networking teams
- Extensive experience defining and implementing standards and best practices
- Extensive experience doing technology evaluations
- Experience in high level architectures and reviewing high level software designs
- Capable of establishing and running a risk assessment
- Good knowledge and experience with security of Cloud Service platforms
- Good knowledge and experience with security of integrated SaaS platforms
- Good knowledge and experience with Cloud-service platforms and Micro services (AWS, Azure, or others)
- Ability to work independently and self motivated
- Ability to work collaboratively with other technical architects and software and network development leads
- Ability to understand the business requirements, solution designs, and identifying security needs for those
- Should have hands-on knowledge or expertise in some security platforms
- Must demonstrate good judgment and pragmatic approach to delivering security architecture and security operational monitoring practices
- Government Security Clearances are a plus
CloudSmartz is a leading edge, high tech services company that approaches each customer opportunity with a passion of being a true success partner for our customers. We believe in a team environment and our company motto is “team player, no layer”. We are looking for the up and coming aggressive leader who wants to do something amazing and who possesses the “get it done” attitude. The candidate that will be successful in this role will have the following competencies:
- Self-motivated, innovative enjoying fast-paced complex service design and implementation environment
- Results Oriented/ Performance Driven
- Software and revenue generation experience
- Telecom and service provider industry – functional experience/knowledge of SDN, Networks and associated systems platforms
- Not fazed by early stage startup service experience.
The position will be placed in Rochester, NY OR in Virginia (Reston-Richmond)